amuck-landowner

FraudRecord Public Dumps User / Customer Info

Lee

Retired Staff
Verified Provider
Retired Staff
I realize the need to properly verify providers, or even read/approve every report to make sure the text content is useful and informational.

That leaves me about $125/mo for all the admin hours people ask me to spend. I apologize to those who think getting one email every few months is annoying, but I need everything to run this for free.

But I will listen to one of your previous recommendations. I will monetize it more to make sure I can spend proper time to increase the quality of the memberbase and the individual reports. I will get a lot more hate for monetizing some parts of FR, but it's either that or no FraudRecord at all, if the current wasy isn't working for everyone.
Again, it's a useful service done right.  If monetization leads to better quality control and controls then I won't be criticizing that move.  The ones who start to hate you for asking for a payment to make the service better serves to identify the ones you do not want or need.  thus improving quality almost immediately.
 

drmike

100% Tier-1 Gogent
Again, it's a useful service done right.  If monetization leads to better quality control and controls then I won't be criticizing that move.  The ones who start to hate you for asking for a payment to make the service better serves to identify the ones you do not want or need.  thus improving quality almost immediately.
Not that it always works out this way, but monetization leads to a true business.   There are insurance matters, bondability, risk, etc. involved in any business, especially something of said nature.

I encourage that pursuit and some regulation before more examples of questionable use of the system show up and someone takes such personal and decides to do something about it for a change.
 

Lee

Retired Staff
Verified Provider
Retired Staff
Monetization creates focus.  When I read that last post from Harzem all I seen was woe,  it cost's me x, my hassles are y and my motivation to even begin looking at developing it is z.

Welcome to trying to run a service which should be a regulated business on a shoestring budget.
 

fixidixi

Active Member
@harzem:

I'm no user of your service nor even received any emails :) but the both threads were pretty active here:

My only question is if you are sure you've notified everyone properly that you are going to send [x] adverts / [y] period to be able to keep the service running?

Just as I've read a LOT of posts (not all of them tough) but havent seen anything like that from you. In fact my blurry memory only holds something about not going to follow this way. I can be easly wrong but if its like that then I could imagine some ppl would be pissed about it..

Well for one I think the sole idea and that you've kept this running this long is.. .. pretty awesome :) so kudos!
 

MattKC

New Member
Harzem, how about requiring providers to add the fraud record clause to their TOS and verify it has been added before allowing them to use the service? This could go hand in hand with verifying providers to help keep the trash providers (cough, GVH) out of using the service for revenge or abuse. This would address the issue of end users having no idea a provider is sending their details to a negative impact, un-affiliated third party that will impact their ability to make future orders.


Your service works (or should when not being abused) like a credit bureau report for hosting customer's history (albeit with only negative data). Customers must know that their information is being provided to you for purposes of allowing future purchases, especially when you only collect negative information that has no standardization or verification/validation associated to ensure the data is factual.


Don't get me wrong, I think fr can be a valuable tool, there are just too many ways it is being abused at present, virtually no validation and/or end user disclosure regarding the service in current form.
 

fixidixi

Active Member
@MattKC:

He already said he doesnt have enough time doing the current work. Do you think manual verification of every providerS TOS ?! is the way to go?

Its not the way to go. He could also be standing behind everyone with a whip to avoid fraud to be commited. It's providers responisbility to honour fraudrecord's usage policy..
 

DomainBop

Dormant VPSB Pathogen
Harzem, how about requiring providers to add the fraud record clause to their TOS and verify it has been added before allowing them to use the service?
+1 to that because a sizable number of hosts don't list it in their policies and the ones who don't list it also tend to be the ones who abuse it the most by posting false reports (it's not really that surprising that these hosts don't list it since many of these hosts have amateurish TOS and privacy policies that would get thrown out of most courts...some of them would even get thrown out of a kangaroo court)

A couple of quick google searches show that many hosts do list it though on their privacy policy or their TOS so a +1 to those hosts.

Your service works (or should when not being abused) like a credit bureau report for hosting customer's history (albeit with only negative data).
One big difference between the professional credit bureaus (besides the obvious ones of outside auditing, adherence to government regulations, objective accurate reports as opposed to FR's subjective often false reports,  ownership by a registered business, etc) and the amateur hour that is FR is that underage children who aren't old enough to legally sign a contract aren't submitting consumer reports to Experian, TransUnion, etc while FraudRecord welcomes children (as well as known skids) with open arms.. :)
 
Last edited by a moderator:

MattKC

New Member
@MattKC:


He already said he doesnt have enough time doing the current work. Do you think manual verification of every providerS TOS ?! is the way to go?


Its not the way to go. He could also be standing behind everyone with a whip to avoid fraud to be commited. It's providers responisbility to honour fraudrecord's usage policy..
Monetizing the service would address the lack of resources by allowing him to hire staff, create automation, etc. If you are going to blame a problem of non disclosure on the providers using the service, you need to find a way to address that problem. Or we can just continue to ignore it and any other problem and not suggest any solutions.


If it's the providers responsibility, there needs to be recourse for those who fail the responsibility, not just ignore it. It would take less than 30 seconds for him to check their tos for inclusion...add it to the signup process that requires a link to the tos where the clause appears. Simple to add and simple to verify. I'm not saying he has to check every day that it is there, just upon signup and perhaps at random or if a complaint is made regarding it not being there.
 

fixidixi

Active Member
@MattKC:

My problem is with the principal: if you are a hammer vendor you cant make sure than ppl who buy your tool wont use it do bad things with it... ...and its not your responsibility as a service provider.

But to be cooperative :): I think we are talking about two different things: I'm talking about the current setup, your idea was about after/when harzem continued on the way of monetizing so he would earn some sort of revenue to have more hands :)..
 

Lee

Retired Staff
Verified Provider
Retired Staff
@MattKC:

if you are a hammer vendor you cant make sure than ppl who buy your tool wont use it do bad things with it... ...and its not your responsibility as a service provider.
I am going to come around and bash your skull in until you're dead for using that analogy.

Now if I did you are correct, the guy that sold me the hammer can't be responsible in any way.  But If I said that on FR in response to a client pissing me off would FR not be responsible for allowing that comment to a) exist and b ) let others see it and c) not doing something about it?  The answer you are looking for is yes they would be.  In fact there is no they, Harzem is personally liable for any damage FR may cause because he allowed it to exist as the data controller.

Now that may seem extreme of course but it only takes one serious event and Harzem could easily find himself in big trouble over a service that whether he likes it or not breaks EU rules for a start.  Search around, it's usually only after some shit hits the fan that you find out what you are liable for when running a service that holds data that then causes harm.

It's all well and good saying FR can only advise providers to mention in their terms that they may send information to FR but Harzem can't avoid responsibility for the content he has as a data controller.  It makes no difference which provider submitted it, once it's in his possession (encrypted or not) he becomes liable.

Remember once you submit a report to FR the provider no longer controls it, it is not his responsibility.  I believe it's possible for the provider who reported it to remove it, possibly change it.  

But let me be clear again:  

Once submitted to FR, the submitter can be held liable for making the comment but not responsible for the existence of the data, he has passed responsibility to FR because the data is no longer in the submitters system.

But anyway I will duck out of all this now, I don't want @MannDude to think I stayed around after my last thread and I can't have Colocrossing thinking I don't love them by being here.

Impeccable timing, just seen this on LET, https://www.fraudrecord.com/api/?showreport=5a97456bc264f109
 
Last edited by a moderator:

DomainBop

Dormant VPSB Pathogen
It's all well and good saying FR can only advise providers to mention in their terms that they may send information to FR but Harzem can't avoid responsibility for the content he has as a data controller.  It makes no difference which provider submitted it, once it's in his possession (encrypted or not) he becomes liable.
Good example: last year the state of Mississippi sued the largest credit reporting agency Experian over inaccurate consumer data in its database.

http://onlineathens.com/jeff-horwitz/2014-06-16/lawsuit-filed-against-credit-reporting-giant-experian

The lawsuit accuses Experian of knowingly including error-riddled data in the credit files of millions of Americans, jeopardizing their ability to obtain loans, employment-related background checks and sensitive government security clearances.
If you're maintaining a database of consumer information you do have a responsibility as the service provider to have controls in place to ensure that the information submitted to your service and stored in your database isn't riddled with false information and inaccuracies.  Based on some of the absolute shit I've seen in the FR database (example: complaints by kiddie hosts that state "criminal intent" because a customer opened multiple tickets after their tickets were auto-closed without a reply, etc) , FR doesn't have adequate controls in place to ensure the accuracy of the information in its database, and the whiny replies of "it would take too much time to do that", "it would cost too much money to do that" are not an excuse when you're running a consumer reporting service.  If you don't have the resources to implement the right controls from Day 1 then you shouldn't be running a consumer reporting service.
 

MattKC

New Member
@MattKC:


My problem is with the principal: if you are a hammer vendor you cant make sure than ppl who buy your tool wont use it do bad things with it... ...and its not your responsibility as a service provider.


But to be cooperative :): I think we are talking about two different things: I'm talking about the current setup, your idea was about after/when harzem continued on the way of monetizing so he would earn some sort of revenue to have more hands :)..
The difference here though is that he states it as a requirement for using the service, but does not enforce or verify it. The hammer analogy isn't at all the same thing. You don't have to agree you won't use a hammer on a person when you buy it or agree to use it.


But agree, we are talking about a before vs after scenario in terms of what has been and could be done. The example Lee posted is an excellent example of the nonsense that is being fed into the system due to no checks/balances/requirements. Asking for a refund got that customer a fraud report with the reasoning "asked for a refund due to not knowing how to manage vps". How is that fraud or abuse? If the customer qualified for a refund per tos, give it, no report justified. If they didn't qualify per tos, don't give it, still no report justified. If they harrassed/spammed/abused support then detail that if you feel a report is justified. The reason given in that report is crap and that report should be thrown out imo.
 

Criot

Member
Verified Provider
I think definitely all of these points are valid, I can see why these sort of things need to be validated, but realistically, if FraudRecord started charging for their service to implement such measures, how many companies would actually continue to use it? How many use it just because it's a free service? It has to be considered that the less companies that actually use it (properly), the more useless it effectively becomes.

Providers also need to use their own judgment with these sort of systems, if you see a client on FraudRecord with a report for a silly reason, like the example given above, any provider with some sense between their ears wouldn't decline an order, I personally wouldn't.
 
Last edited by a moderator:

fixidixi

Active Member
I think if a careful rating system would be introduced such as providers can also be rated ( like - for retardish submission) that might also help to weigh certain submissions :)
 

drmike

100% Tier-1 Gogent
Monetizing the service would address the lack of resources by allowing him to hire staff, create automation, etc. If you are going to blame a problem of non disclosure on the providers using the service, you need to find a way to address that problem. Or we can just continue to ignore it and any other problem and not suggest any solutions.


If it's the providers responsibility, there needs to be recourse for those who fail the responsibility, not just ignore it. It would take less than 30 seconds for him to check their tos for inclusion...add it to the signup process that requires a link to the tos where the clause appears. Simple to add and simple to verify. I'm not saying he has to check every day that it is there, just upon signup and perhaps at random or if a complaint is made regarding it not being there.
The ToS inclusion is literally a verbatim matchable quote and tying that to a form that collect the company's ToS URL and fires off a HTTP GET and parses for the content exist.   Very simple.  Literally a few hours of work tops.   

Based on the rudimentary search earlier (cause Google searches are meh, often littered with other content) I'd guesstimate 500 or less mentions of FraudRecord in Terms pages.  Probably below 50% compliance today.  Driving the mention in Terms is something that should be pushed heavily.  It's good for companies to get cozy with their terms and good to disclose FR and many other things they are subjecting customer to (ARIN IP justifications).  Companies fear such disclosures because customers rightly might notice and not be happy about such and their competitors aren't being forthright and honest and disclosing similar.   It's truly a chicken sees then chicken does industry segment.

BudgetGeek Telecomshttp://budgetgeektelecoms.com/


Reported on: Nov 23, 2014 - 02:08

3


Reliability 1

nameemail,phonenumber,addressip

support abuse 


This person asked for a refund because he does not know how to use a VPS.
^--- that FraudRecord Entry --- in there because?    Revenge submission?  Pissed support tech/owner?  Or just because they can? Oh that is MTWISCOOL submitting.  Talk about an issue on submitter and all.  Yikes.  Would someone sue FraudRecord, MTW, or his legal guardians?

Is there a way to actively query and see recent FR submissions in ongoing fashion?  Anyone?

if FraudRecord started charging for their service to implement such measures, how many companies would actually continue to use it? How many use it just because it's a free service? It has to be considered that the less companies that actually use it (properly), the more useless it effectively becomes.
Cheapskates will use it, if it costs low end money.  Like I said earlier - $1-3 a month.  Sell it flat annual $12-24 a year.  Ideally any loss of use due to cost barrier is offset by having high caliber of well behaved paying customers who submit what is rightly defined and encompassed within the spirit of FRAUD.  Thus reducing the heap of steaming dung too many FR entries appear to be.  Also reducing public scrutiny ideally.

Imagine this, even us 'mean folks' see utility and need for the service.  Just requires properness of approach, limits on what can go in there, public access that is clear (i.e. I'd like to see at will any entries for me), means of refuting bogus entries, some sort of due process on the refutes, some common sense where submissions are off color and auto pulled / held pending manual human intervention, etc.
 

WSWD

Active Member
Verified Provider
^--- that FraudRecord Entry --- in there because?    Revenge submission?  Pissed support tech/owner?  Or just because they can? Oh that is MTWISCOOL submitting.  Talk about an issue on submitter and all.  Yikes.  Would someone sue FraudRecord, MTW, or his legal guardians?

Honestly, reports like that are WAY more important to me than reports of actual fraud.  MaxMind and going through orders manually will find most of the fraud.

Reports like this?  Invaluable!  Can't tell you how many people are just like the client in that report.  They buy an unmanaged VPS, don't know how to use it, and then issue a chargeback.
 

drmike

100% Tier-1 Gogent
Honestly, reports like that are WAY more important to me than reports of actual fraud.  MaxMind and going through orders manually will find most of the fraud.

Reports like this?  Invaluable!  Can't tell you how many people are just like the client in that report.  They buy an unmanaged VPS, don't know how to use it, and then issue a chargeback.
Your post made me laugh because I am oh too familiar with the sad situation, having seen these screwball customers in a number of shops.

All said, that's not a fraud issue though (me knitpicking at FR name and intention vs. content stored in).  If you ran a retail store and someone bought a toaster and didn't understand it or determined this week that they hated toast, back it would come and refund would happen (usually).

No offense meant, but I think the buyers misunderstanding / knowledge thing yet still buying randomly is a 1. price point problem and 2. attracting customers via the cheap channels.   I can fully understand people lured by BUY IT NOW! BEST PRICE EVER! LIMITED STOCK! PUPPIES ON FIRE!

Same methods applied to $20 sales item would attract 80% less idiots conservatively.
 

zed

Member
Can you imagine retailers denying your business because you returned a thingamob to some other retailer somewhere once? It's amusing what making 37 cents a year off each customer does to people's brains, viva la low end vps market.
 

KuJoe

Well-Known Member
Verified Provider
Can you imagine retailers denying your business because you returned a thingamob to some other retailer somewhere once? It's amusing what making 37 cents a year off each customer does to people's brains, viva la low end vps market.
If they're only making $0.37 per client imagine how mad they would be when a single client costs them $25 in 1 day. There's a huge difference between returning an item to a store (costs the store $0.00) and a client filing a chargeback with their credit card company/bank. I'm just pointing out that it's not exactly comparing apples to apples more like apples to a banana peel with a bill attached to it telling the banana salesman that he owes $25 for that banana his client already ate AND the client got their money back while comfortably digesting the banana.
 

Wintereise

New Member
>> Can you imagine retailers denying your business because you returned a thingamob to some other retailer somewhere once?

Once, no. But if you repeatedly behave in erratic ways, I would be very interested in learning about that -- and subsequently denying you service to not waste my resources.

FR, the way I see it, is just another tool in the toolbox. How you use it is entirely up to you.
 
Last edited by a moderator:
Top
amuck-landowner